« Changelog History


Bolt v3.7.2 Release Notes

Release Date: 2020-10-19 // over 3 years ago

  • To do a 15-second install, use the following:

    curl -O https://bolt.cm/distribution/archive/3.7/bolt-3.7.2.tar.gz tar -xzf bolt-3.7.2.tar.gz --strip-components=1 php app/nut init

    Bolt 3.7.2

    🚀 Released: 2020-10-20. Notable changes:

    • 🔒 Security: Restrict filter options in Request in Twig context
    • 🔒 Security: Provide a stronger secret for UrlSigner
    • 🔒 Security: Allow only directories to be renamed with renameFolder #7867
    • 🛠 Fixes slashes in directory names #7871
    • 🛠 fixed typo 'an' to 'and' in README #7875
    • Check if we have a current user, prevent "Trying to access array offset" extension #7869
    • 🛠 Fix ContextErrorException in PHP 7.4 #7868
    • ⚡️ Update composer.json: Add "public-dir": "public" #7866

    🔒 Special thanks go out to the following for responsibly disclosing a security issue to us:


Previous changes from v3.7.1

  • To do a 15-second install, use the following:

    curl -O https://bolt.cm/distribution/archive/3.7/bolt-v3.7.1.tar.gz
tar -xzf bolt-v3.7.1.tar.gz --strip-components=1
php app/nut init

    📚 For detailed installation instructions and other ways to install, see the documentation: https://docs.bolt.cm/3.6/installation/installation

    🚀 Released: 2020-05-07. Notable changes:

    • 🔒 Security: Check CSRF on Preview page, and prevent renaming files to blacklisted filetypes #7853
    • 🔄 Change: Add hreflang to allowed_attributes #7855
    • ⚡️ Chore: Updating dependencies #7842
    • 🛠 Fixed: Fix tag cloud, update NPM deps #7856
    • 🛠 Fixed: Select field with multiple contenttypes and display values results in a ContextErrorException #7849
    • 🛠 Fixed: Trying to access array offset on value of type null with PHP 7.4 #7843

    🔒 Special thanks go out Sivanesh Ashok for responsibly disclosing the two fixed security issues to us.